CN110765438B - High-performance password card and working method thereof - Google Patents
High-performance password card and working method thereof Download PDFInfo
- Publication number
- CN110765438B CN110765438B CN201911017354.6A CN201911017354A CN110765438B CN 110765438 B CN110765438 B CN 110765438B CN 201911017354 A CN201911017354 A CN 201911017354A CN 110765438 B CN110765438 B CN 110765438B
- Authority
- CN
- China
- Prior art keywords
- key
- password
- card
- user
- main control
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Active
Links
Images
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/602—Providing cryptographic facilities or services
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/64—Protecting data integrity, e.g. using checksums, certificates or signatures
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING OR COUNTING
- G06F—ELECTRIC DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/86—Secure or tamper-resistant housings
- G06F21/87—Secure or tamper-resistant housings by means of encapsulation, e.g. for integrated circuits
Landscapes
- Engineering & Computer Science (AREA)
- Theoretical Computer Science (AREA)
- Computer Security & Cryptography (AREA)
- Computer Hardware Design (AREA)
- General Physics & Mathematics (AREA)
- General Engineering & Computer Science (AREA)
- Physics & Mathematics (AREA)
- Software Systems (AREA)
- Health & Medical Sciences (AREA)
- Bioethics (AREA)
- General Health & Medical Sciences (AREA)
- Microelectronics & Electronic Packaging (AREA)
- Storage Device Security (AREA)
Abstract
The invention discloses a high-performance password card, which comprises a hardware platform and a software system; the hardware platform comprises a ZYNQ main processor, a storage unit, a password key unit, a PCIE interface, two digital physical noise sources, a first password algorithm chip, a second password algorithm chip and a third password algorithm chip, the software system comprises a Linux system and a main control program, the Linux system runs in one core of the ARM processor, and the main control program runs in the other core of the ARM processor. The invention adopts the cryptographic algorithm chip with self-destruction input to store and protect the key component, effectively improves the anti-attack capability, integrates the functions of key generation, key management, data encryption and decryption, digital signature, identity authentication, key agreement, file management and the like, has rich product functions and greatly meets the user requirements.
Description
Technical Field
The invention relates to the technical field of password cards, in particular to a high-performance password card and a working method thereof.
Background
Information security is a comprehensive cross scientific field, widely relates to a plurality of disciplines such as mathematics, cryptography, computers, communication, control, artificial intelligence, safety engineering, human science and the like, and is a hot subject field which is rapidly developed in recent years. With the development of information technology, people are also confronted with a severe examination of information safety when enjoying huge benefits brought by information resources. The information security problem is increasingly prominent, various security applications based on the principle of cryptography are increasingly widespread, and data encryption is deeply carried out in all corners of information application. Heretofore, cryptography is the most effective method for achieving information security, and is the core technology of information security. By data encryption, one can effectively ensure that the content on the communication line is not revealed, and can also verify the integrity of the transmitted information.
At present, the function of the existing common password card is imperfect, a key destroying mechanism is lacked, and the storage of the secret key is also unsafe. For example, the chinese patent discloses a PCIe interface-based password card and a data encryption method for the password card, and the application number is 201610509715.9, and the ZYNQ main processor is used as an on-board core, and the FPGA module and the ARM processor are interconnected by using a high-speed on-chip bus connection manner, so that the data interaction performance is improved, the inter-system delay is reduced, the system performance is improved, and the system cost is reduced; meanwhile, the data transmission performance is improved by adopting the internal high-speed bus interconnection and the PCIe interface, the algorithm operation is realized by adopting the FPGA module, the algorithm performance is improved, the overall performance of the system is greatly improved, the storage module can provide massive secret key storage, and the storage space can be increased by tens of thousands. But the functions provided to the user are limited, and a key destroying mechanism is also lacked, so that the security of key storage is to be improved.
Disclosure of Invention
The invention aims to overcome the technical problems and provide a high-performance password card.
In order to achieve the purpose, the invention adopts the following technical scheme:
a high-performance password card comprises a hardware platform and a software system; the hardware platform comprises a ZYNQ main processor, a storage unit, a password key unit, a PCIE interface, two digital physical noise sources, a first password algorithm chip, a second password algorithm chip and a third password algorithm chip; the ZYNQ main processor comprises a dual-core ARM processor and an FPGA, the ARM processor and the FPGA are interconnected through a high-speed on-chip bus, and the ARM processor is mainly used for user identity authentication, key management, password operation and file management; the FPGA is used for assisting the ARM processor to operate each cryptographic algorithm chip so as to effectively reduce the load of the ARM processor and improve the parallel operation capability of the cryptographic algorithm chips; the password key unit is electrically connected with the ARM processor through a USB interface and is used for identifying identity authentication and managing keys; the PCIE interface is electrically connected with the FPGA, and the high-performance password card is connected with external server equipment through the PCIE interface; the two digital physical noise sources are electrically connected with the FPGA and used for generating a secret key, an initial vector and a random number, and the random number is obtained by XOR of results generated by the two digital physical noise sources; the storage unit comprises DDR, SPI Flash and eMMC; the DDR is electrically connected with the ARM processor and used as an operating environment of the OS; the SPI Flash is electrically connected with the ARM processor and used for storing programs; the eMMC is electrically connected with the ARM processor and used for storing a secret key; the first cryptographic algorithm chip is electrically connected with the FPGA and is used for realizing SM2, SM3 and SM4 cryptographic algorithms; the second cryptographic algorithm chip is electrically connected with the FPGA and is used for realizing an SM1 cryptographic algorithm; the third cryptographic algorithm chip is electrically connected with the ARM processor through the UART and used for safely storing the secret key;
the software system comprises a Linux system and a main control program, the Linux system runs in one core of the ARM processor, the main control program runs in the other core of the ARM processor, and the main control program comprises an initialization module and is used for initializing the ARM processor, initializing a PL side FPGA, identifying the integrity of firmware and password card data, verifying whether each password algorithm chip works normally or not and realizing the password card initialization function; the key management module is used for realizing three-level key system management and backup recovery management; the authority control module is used for realizing identity authentication, realizing management authority, separating operation authority from audit authority and ensuring the use safety of the password card; the cryptographic algorithm chip control module is used for realizing access control of each cryptographic algorithm chip; the file management module is used for realizing file management on the password card; and the backup recovery module is used for realizing a backup recovery mechanism of the password card.
Furthermore, a pin of the third cryptographic algorithm chip is externally connected with a key destruction key, and the rest pins are pressed by the protective cover of the cryptographic card, so that when external force forcibly destroys the protective cover, the key in the third cryptographic algorithm chip can be destroyed in time.
The host comprises an API (application programming interface) and a driver, when the host is actually applied, an application layer calls the API to acquire various password services, the API encapsulates data according to a service request of the application layer in a format, the encapsulated data is transmitted to the password card through the driver, the password card processes the data by calling a corresponding module of a main control program, and the driver acquires a result transmitted back by the password card and returns the result to the application layer.
A working method of a high-performance cryptographic card comprises a random number generation method, an SM2 key pair generation method, a generation and verification method based on an SM2 digital signature, a key negotiation method based on SM2, an SM3 data digest method and a symmetric algorithm encryption and decryption method based on SM1/SM 4.
Further, the specific implementation steps of the random number generation method are as follows: after the API interface is called, the API interface firstly packages the data in format and then sends the data to the password card through a driver, an ARM processor on the password card firstly analyzes whether the data format and the parameters are correct or not, if the data format and the parameters are correct, the ARM processor calls the FPGA to operate a digital physical noise source to respectively generate random numbers with the same length required by a user, then the obtained random numbers are subjected to XOR and then returned to the ARM processor, then the ARM processor packages a response message, and the random numbers with the required length are returned to a caller through the driver and the API interface.
Further, the specific implementation steps of the SM2 key pair generation method are as follows: after the API interface is called, the API interface firstly packages the format of the data and then sends the data to the password card through a driving program; then, an ARM processor on the password card firstly analyzes whether the data format and the parameters are correct, if so, whether the user authority is met is detected, and if so, 256-bit random numbers are generated through a digital physical noise source to serve as private keys; then, calling the FPGA to operate a first cryptographic algorithm chip to perform kP operation so as to obtain a public key value; and finally, packaging the response message, returning the key to the caller through the driver and the API, clearing the key pair in the password card, and directly returning the error code to the caller through the driver and the API if one of the keys is not satisfied.
Further, the specific implementation steps of the SM 2-based digital signature generation and verification method are as follows: after the API interface is called, the API interface firstly carries out format encapsulation on the data, and then the data are packaged and sent to the password card through a driving program; secondly, the ARM processor on the password card firstly analyzes whether the data format and the parameters are correct, and if the data format and the parameters are correct, the next step of processing is carried out: if the SM2 digital signature is generated, whether the user session has acquired the access authority of the private key needs to be verified, if the authority has been acquired, the private key is decrypted, then the FPGA is called to operate the first cryptographic algorithm chip to digitally sign the data, and the private key is set to 0 immediately after the signature is completed; if the SM2 digital signature is verified, calling the FPGA to operate a first cryptographic algorithm chip to verify the digital signature, and finally returning the result to the caller through a driver and an API (application program interface); and if the above one item is not satisfied, directly returning the error code to the caller through the driver and the API.
Further, the specific implementation steps of the SM 2-based key agreement method are as follows: after the API interface is called, the API interface firstly carries out format encapsulation on the data, and then the data are packaged and sent to the password card through a driving program; then, the ARM processor on the password card firstly analyzes whether the data format and the parameters are correct, and if the data format and the parameters are correct, the next step of processing is carried out: if the private key needs to be used, verifying whether the user session has acquired the access authority of the private key, if so, decrypting the private key, calling the FPGA to operate the first cryptographic algorithm chip to perform key agreement on the data, and immediately setting the private key to 0 after the operation is completed; and finally, returning the result to the caller through the driver and the API, and if one of the results is not satisfied, directly returning the error code to the caller through the driver and the API.
Further, the specific implementation steps of the SM3 data summarization method are as follows: after the API interface is called, the API interface firstly carries out format encapsulation on the data, and then the data are packaged and sent to the password card through a driving program; secondly, an ARM processor on the password card firstly analyzes whether the data format and the parameters are correct or not, and if the data format and the parameters are correct, the ARM processor calls the FPGA to operate a first password algorithm chip to carry out hash generation on the data; and finally, returning the result to the caller through the driver and the API, and if one of the items is not satisfied, directly returning the error code to the caller through the driver and the API.
Further, the SM1/SM 4-based symmetric algorithm encryption and decryption method comprises the following specific implementation steps: after the API interface is called, the API interface firstly packages the data in a format, then packages the data and sends the data to the password card through a driving program, an ARM processor on the password card firstly detects whether the ARM processor has the authority of an operator, if the ARM processor on the password card has the authority of the operator, decrypts a corresponding symmetric key, then packages the data to the FPGA and starts a state machine, and after the FPGA interacts with the first password algorithm chip or the second password algorithm chip through the state machine, the FPGA returns the result to the ARM processor.
The invention has the beneficial effects that:
1. the invention has the functions of key generation, key management, data encryption and decryption, digital signature, identity authentication, key agreement and the like, has complete functions, greatly meets the requirements of users, and solves the technical problem of lacking functions of the password card in the market at present.
2. And a cryptographic algorithm chip with self-destruction input is adopted to store and protect the key component, so that the anti-attack capability is effectively improved.
3. The password key unit is adopted as one of the user double-factor authentication, so that the security and the reliability are realized.
4. The method divides a protection key into 2 during initialization, respectively stores the two components, and stores the component 1 in a password key unit and is protected by a user PIN code; the component 2 is stored in a security chip SSX1616 on the password card, so that the risk of leakage is reduced, and the security of the secret key is improved and protected.
Drawings
FIG. 1: the invention relates to a logic block diagram of a hardware platform of a high-performance password card.
FIG. 2: the invention relates to a logic block diagram of a main control program and a host program.
FIG. 3: the invention discloses a flow diagram of a random number generation method.
FIG. 4: the invention discloses a flow chart diagram of a SM2 key pair generation method.
FIG. 5: the invention is a flow diagram of a digital signature method based on SM 2.
FIG. 6: the invention is based on a flow schematic diagram of an SM2 digital signature verification method.
FIG. 7: the invention discloses a flow diagram of a key negotiation method based on SM 2.
FIG. 8: the invention discloses a flow chart diagram of an SM3 data summarization method.
FIG. 9: the invention discloses a schematic flow diagram of a symmetric algorithm encryption and decryption method based on SM1/SM 4.
FIG. 10: the invention discloses a starting process schematic diagram of a high-performance password card.
Detailed Description
The present invention will be described in detail below with reference to the accompanying drawings and examples.
The first embodiment is as follows:
a high-performance password card comprises a hardware platform and a software system; as shown in fig. 1, the hardware platform includes a ZYNQ main processor, a storage unit, a cryptographic key unit, a PCIE interface, two digital physical noise sources, a first cryptographic algorithm chip, a second cryptographic algorithm chip, and a third cryptographic algorithm chip;
the ZYNQ main processor is a 7Z015 chip of Xilinx company, a dual-core ARM Processor (PS) and an FPGA (PL) are integrated in the chip, the ARM processor and the FPGA are interconnected through a high-speed on-chip bus, and the ARM processor is mainly used for user identity authentication, key management, password operation and file management; the FPGA is used for assisting the ARM processor to operate each cryptographic algorithm chip so as to effectively reduce the load of the ARM processor and improve the parallel operation capability of the cryptographic algorithm chips.
The storage unit comprises DDR, SPI Flash and eMMC;
the DDR is an MT41K128M16 chip, is electrically connected with the ARM processor and is used for supporting the running of an SOC system and a main control program;
the SPI Flash is an S25FL128 chip, is electrically connected with the ARM processor and is used for storing firmware required by starting;
the eMMC is an SDIN7DP2-4G chip, is electrically connected with the ARM processor, and is used for storing data, user keys and user files of the password card. Information such as a user key is stored in a ciphertext mode to ensure safety;
the two digital physical noise sources adopt WNG-9 chips of Beijing Hongsi electronic technology, Inc., the WNG-9 chip is provided with a clock line and an address line and is connected to the PL side (namely FPGA) of the ZYNQ main processor, the data and the clock lines of the two WNG-9 chips are independent and are controlled by an FPGA state machine and used for generating a secret key, an initial vector and a random number, and the random number is obtained by XOR of the results generated by the two digital physical noise sources;
the cipher key unit is an SJK1915 device and is used for identifying identity authentication and key management, and is connected to the PS side (namely an ARM processor) of the ZYNQ main processor by adopting a USB interface and is directly accessed and controlled by the ARM processor;
the first cryptographic algorithm chip is an SSX1510 chip, the SSX1510 chip is connected to the PL side of the ZYNQ main processor and controlled by an FPGA (field programmable gate array) state machine, and the first cryptographic algorithm chip is used for realizing SM2 operation, SM3 digest production and SM4 encryption and decryption algorithms;
the second cryptographic algorithm chip is an SSX30-D chip, and an SSX30-D chip is connected to the PL side of the ZYNQ main processor and controlled by an FPGA (field programmable gate array) state machine and is used for realizing an SM1 encryption and decryption algorithm;
all signal lines of the SSX1510 chip and the SSX30-D chip are independent.
The second cryptographic algorithm chip is an SSX1616 chip and is used for realizing the safe storage of the secret key, and the SSX1616 chip is connected to the PS side of the ZYNQ main processor through a UART and is directly accessed and controlled by an ARM processor.
The SSX1616 chip is provided with a plurality of detection pins, and when the detection pins are found to have level changes, the keys stored in the chip are destroyed. In the hardware design, one pin is externally connected with a key destroying key to provide a mechanism for a user to destroy a key quickly; the other pins are pressed by the password card protection cover, and when external force forcibly destroys the password card protection cover, the key in the SSX1616 chip can be destroyed in time. Therefore, the cryptographic algorithm chip with the self-destruction input is adopted to store and protect the key component, and the anti-attack capability is effectively improved.
The PCIE interface is electrically connected with the FPGA, and the high-performance password card is connected with peripheral equipment through the PCIE interface to perform data interaction.
The software system comprises a Linux system and a main control program, wherein the Linux system runs in one core of the ARM processor, and the main control program runs in the other core of the ARM processor. As shown in fig. 2, the main control program includes an initialization module, which is used to initialize an ARM processor, initialize an FPGA on the PL side, identify the integrity of firmware and data of the cryptographic card, verify whether each cryptographic algorithm chip is working normally, and implement the cryptographic card initialization function; the key management module is used for realizing three-level key system management and backup recovery management; the authority control module is used for realizing identity authentication, realizing management authority, separating operation authority from audit authority and ensuring the use safety of the password card; the cryptographic algorithm chip control module is used for realizing access control of each cryptographic algorithm chip; the file management module is used for realizing file management on the password card; and the backup recovery module is used for realizing a backup recovery mechanism of the password card.
Example two:
the difference from the first embodiment is that the crypto card further includes a host, the crypto card is in communication connection with the host through the PCIE interface, the host includes an API interface and a driver, in actual application, an application layer calls the API interface to obtain various cryptographic services, the API interface performs format encapsulation on data according to a service request of the application layer, and transmits the encapsulated data to the crypto card through the driver, and the crypto card processes through a corresponding module of a calling main control program, and then obtains a result transmitted back by the crypto card through the driver and returns the result to the application layer.
The following briefly introduces the working principle of the present embodiment:
after the cryptographic card is electrified and started, the ARM processor firstly reads FSBL (first Stage Boot loader) stored in an S25FL128 chip into an RAM (random access memory) in a 7Z015 chip and executes the FSBL, the FSBL initializes the ARM processor and the FPGA, after the initialization is completed, the FSBL reads a system of the S25FL128 chip and a main control program to an MT41K128M16 chip and executes the system and the main control program, the main control program carries out self-detection on each cryptographic algorithm chip and a noise source generator, after the self-detection is successful, digest calculation is carried out on the FSBL stored in the S25FL128 chip and is compared with a stored digest value, after the comparison is successful, digest calculation is carried out on data information of the cryptographic card stored in an SDIN7DP2-4G chip and is compared with the stored digest value, after the comparison is successful, the initialization is completed, and application request service is waited.
After a user calls a request through the API interface, the API interface packages the format of the user request and gives the user request to a driver, the driver starts a DMA request, after the 7Z015 chip receives the DMA request, the DMA state machine of the FPGA carries data to an RAM of the FPGA of the password card and informs an ARM processor of the 7Z015 chip, and after the master control program receives the DMA request, the master control program firstly analyzes a message and transfers the message to a corresponding processing module, which specifically comprises the following steps:
1) random number processing module
And calling an FPGA state machine of the 7Z015 chip by the main control program, reading two WNG-9 noise source generators on the password card by the FPGA state machine at the same time, carrying out XOR processing, and informing the ARM main control program after the processing is finished.
2) SM1 processing module
The main control program firstly uses the protection key to decrypt the private key or the key encryption key of the user key pair, then uses the user key to decrypt the session key of the private key or the key encryption key, and then transfers the data required by the chip to the FPGA state machine of the main control chip, the FPGA state machine operates the control signal of the SSX30-D chip to complete the encryption and decryption operation, and after the processing is completed, the main control program of the ARM processor is informed, and after the main control program receives the notice, the clear 0 operation is carried out on the used plaintext key.
3) SM2 processing module
The method comprises the steps that a main control program firstly judges whether a private key needs to be used or not, if the private key needs to be used, whether a user obtains the use right of the private key or not is judged, if the use right of the private key is obtained, a user key pair private key is decrypted by using a protection key, then data needed by an SSX1510 is delivered to an FPGA (field programmable gate array) state machine of a main control chip, a control signal of the SSX1510 chip is operated by the FPGA state machine to complete a processing request, the main control program of an ARM processor is informed after the processing is completed, and after the main control program receives the notice, clear 0 operation is carried out on a used plaintext private key, the encrypted and decrypted data is moved to a host by using a DMA (direct; if the private key is not needed, the processing module delivers the data required by the SSX1510 chip to an FPGA state machine of the main control chip, the FPGA state machine operates the control signal of the SSX1510 chip to complete the processing request, and the main control program of the ARM processor is informed after the processing is completed.
4) SM3 processing module
And calling the FPGA state machine operation of 7Z015 by the main control program, operating an SSX1510 chip by the FPGA state machine, and informing the main control program of the ARM processor after the processing is finished.
5) SM4 processing module
The SM4 processing module is similar to the SM1 processing module, firstly uses a protection key to decrypt a private key of a user key pair or a key encryption key, uses the private key of the user key pair or the key encryption key to decrypt a session key, then sends data required by a chip to a FPGA state machine of 7Z015, the FPGA state machine operates a control signal of an SSX1510 chip to complete encryption and decryption operation, after the processing is completed, a main control program of an ARM processor is notified, and after the main control program receives the notification, clear 0 operation is performed on a used plaintext key.
And after the processing of each processing module is finished, using the DMA to carry the result and the processed data to the host memory through the DMA, and sending an interrupt. And the driver correspondingly interrupts to transport the data from the kernel layer to the user layer, and finally returns the result and the data to the user through the API interface.
Example three:
as shown in fig. 3, a method for generating a random number of a high-performance cryptographic card includes the following specific steps: after a user calls a corresponding interface, an API interface packages the data in format and then sends the data to a password card through a driver, an ARM processor on the password card firstly analyzes whether the data format and the parameters are correct or not, if the data format and the parameters are correct, the FPGA is called to operate a WNG-9 chip to generate random numbers with the same length required by the user, then the obtained random numbers are subjected to XOR and then returned to the ARM processor, then the ARM processor packages a response message, and the random numbers with the length required by the user are returned to the user through the driver and the API.
Example four:
as shown in fig. 4, a method for generating an SM2 key pair of a high-performance cryptographic card includes the following specific steps: after a user calls a corresponding interface, the API interface packages the data in format and then sends the data to the password card through a driving program, an ARM processor on the password card firstly analyzes whether the data format and the parameters are correct or not, if the data format and the parameters are correct, whether the parameters meet the user authority is detected, if the parameters meet the user authority, 256-bit random numbers are generated through WNG-9 to serve as private keys, and the FPGA is called to operate an SSX1510 chip to perform kP operation so as to obtain a public key value. And finally, packaging the response message, returning the secret key to the user through a driver and an API (application program interface), and clearing the secret key pair in the password card. And if the above items are not met, directly returning the error code to the user through the driver and the API.
Example five:
as shown in fig. 5-6, a method for generating and verifying a high-performance cryptographic card based on an SM2 digital signature includes the following specific steps: after the user calls the corresponding interface, the API interface packages the format of the data and then packages the data and sends the data to the password card through the driving program, an ARM processor on the password card firstly analyzes whether the data format and the parameters are correct, and if the data format and the parameters are correct, the next step of processing is carried out: if the SM2 digital signature is generated, whether the user session has acquired the access right of the private key needs to be verified, if the right has been acquired, the private key is decrypted, the FPGA is called to operate an SSX1510 chip to digitally sign the data, and the private key is immediately set to 0 after the signature is completed; if the SM2 digital signature is verified, the FPGA operation SSX1510 chip is called to verify the digital signature, and finally, the result is returned to the user through a driver and an API (application program interface). And if the above items are not met, directly returning the error code to the user through the driver and the API.
Example six:
as shown in fig. 7, a key agreement method based on SM2 for a high-performance cryptographic card includes the following specific steps: after the user calls the corresponding interface, the API interface packages the format of the data and then packages the data and sends the data to the password card through the driving program, an ARM processor on the password card firstly analyzes whether the data format and the parameters are correct, and if the data format and the parameters are correct, the next step of processing is carried out: if the private key needs to be used, whether the user session has acquired the access authority of the private key needs to be verified, if the authority has been acquired, the private key is decrypted, the FPGA is called to operate the SSX1510 chip to perform key agreement on the data, the private key is set to 0 immediately after the operation is completed, and finally the result is returned to the user through a driver and an API (application program interface). And if the above items are not met, directly returning the error code to the user through the driver and the API.
Example seven:
as shown in fig. 8, a SM3 data summarization method for a high-performance cryptographic card includes the following specific steps: after a user calls the corresponding interface, the API interface packages the format of the data and then packages the data and sends the data to the password card through the driving program, the ARM processor on the password card firstly analyzes whether the data format and the parameters are correct or not, if the data format and the parameters are correct, the FPGA is called to operate the SSX1510 chip to carry out hash generation on the data, and finally the result is returned to the user through the driving program and the API interface. And if the above items are not met, directly returning the error code to the user through the driver and the API.
Example eight:
as shown in fig. 9, a symmetric algorithm encryption and decryption method based on SM1/SM4 for a high-performance cryptographic card includes the following specific steps: after a user calls the corresponding interface, the API interface packages the data in a format and then packages the data and sends the data to the password card through the driving program, the ARM processor on the password card firstly detects whether the ARM processor has the authority of an operator, if the ARM processor on the password card has the authority of the operator, the corresponding symmetric key is decrypted, then the data is packaged to the FPGA and the state machine is started, and after the FPGA interacts with the SSX30-D or SSX1510 chip through the state machine, the result is returned to the ARM processor.
The following introduces the working procedures of the present invention:
(1) starting up
The 7Z015 is divided into a PL side and a PS side, wherein the PL side is mainly an FPGA, and the PS side is a dual-core ARM processor. As shown in fig. 10, after the cryptographic card is powered on or reset for the first time, FSBL (first Stage Boot loader) stored in S25FL128 Flash is loaded to the internal RAM by the PS side of 7Z015 for execution, FSBL initializes each peripheral of the ARM processor, after initialization, FSBL reads PL stored in S25FL128 Flash to the PL side for operation, and finally reads the system stored in S25FL128 Flash to MT41K128M16 for jump start, and after system start, the main control program automatically runs.
(2) Self-test
After the starting process is finished, the main control program can carry out self-checking on the integrality of all the cryptographic algorithm chips, the starting firmware and the data of the cryptographic card, and after all the self-checking is successful, the cryptographic card mark is successfully detected and can respond to the request of a user. If any self-check fails, the password card mark detection fails and the user request is not executed.
1) SSX30-D chip self-test
The SSX30-D chip was self-tested using preset data to test the correctness of the SM1 cryptographic algorithm. The data used were:
and (3) secret key: 0x40,0xbb,0x12,0xdd,0x6a,0x82,0x73,0x86,0x7f,0x35,0x29,0xd3,0x54,0xb4,0xa0,0x26
Initial vector: 0xe8,0x3d,0x17,0x15,0xac,0xf3,0x48,0x63,0xac,0xeb,0x93,0xe0,0xe5,0xab,0x8b,0x90
Plaintext data: 0xff,0xee,0xdd,0xcc,0xbb,0xaa,0x99,0x88,0x77,0x66,0x55,0x44,0x33,0x22,0x11,0x00
Ciphertext data in CBC mode: 0x3a,0x70,0xb5,0xd4,0x9a,0x78,0x2c,0x07,0x2d,0xe1,0x13,0x43,0x81,0x9e,0xc6,0x59
2) SSX1510 chip self-test
The SSX1510 chip is self-tested using preset data to test the correctness of the cryptographic algorithm.
The test SM4 algorithm used the following data:
and (3) secret key: 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10
Initial vector: 0xeb,0xee,0xc5,0x68,0x58,0xe6,0x04,0xd8,0x32,0x7b,0x9b,0x3c,0x10,0xc9,0x0c,0xa7
Plaintext data: 0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10
Ciphertext data in CBC mode: 0x3f,0x1e,0x73,0xc3,0xdf,0xd5,0xa1,0x32,0x88,0x2f,0xe6,0x9d,0x99,0x6c,0xde,0x93
The test SM3 algorithm used the following data:
data: 0x61,0x62,0x63
And (3) operation result: 0x66,0xc7,0xf0,0xf4,0x62,0xee,0xed,0xd9,0xd1,0xf2,0xd4,0x6b,0xdc,0x10,0xe4,0xe2,0x41,0x67,0xc4,0x87,0x5c,0xf2,0xf7,0xa2,0x29,0x7d,0xa0,0x2b,0x8f,0x4b,0xa8,0xe0
The test SM2 signature uses the following data:
Px=0x32c4ae2c1f1981195f9904466a39c9948fe30bbff2660be1715a4589334c74c7;
Py=0xbc3736a2f4f6779c59bdcee36b692153d0a9877cc62a474002df32e52139f0a0;
n=0xfffffffeffffffffffffffffffffffff7203df6b21c6052b53bbf40939d54123;
and (3) operation result:
result1=0xf9913b5accec12d4de8ccd92a3a0a25cc14e35b8d8933c8db7c470ec230035ae;
result2=0x8427d860f80e1b87d0364d38ad1a64aa78c2f619d89ec158d6cf2db0e4b5d15b;
the test SM2 signature used the following data:
Px=0x32c4ae2c1f1981195f9904466a39c9948fe30bbff2660be1715a4589334c74c7;
Py=0xbc3736a2f4f6779c59bdcee36b692153d0a9877cc62a474002df32e52139f0a0;
n=0xfffffffeffffffffffffffffffffffff7203df6b21c6052b53bbf40939d54123;
par3=0xf9913b5accec12d4de8ccd92a3a0a25cc14e35b8d8933c8db7c470ec230035ae;
par4=0x8427d860f80e1b87d0364d38ad1a64aa78c2f619d89ec158d6cf2db0e4b5d15b;
and (5) successfully calculating a result.
3) WNG-9 self-test
The password card integrates two WNG-9 digital physical noise source chips, the FPGA sends results generated by the two WNG-9 chips to the ARM processor after being subjected to XOR to serve as random numbers, and the randomness of the random numbers is tested to ensure that the random source chips are normal in function. The test contents comprise 15 detections (single bit frequency detection, intra block frequency detection, poker detection, overlapping subsequence detection, total run number detection, run distribution detection, intra block maximum 1 run detection, binary derivation detection, autocorrelation detection, matrix rank detection, accumulation and detection, approximate entropy detection, linear complexity detection, Marurer general statistical detection and discrete Fourier detection) specified in GM/T0005-2012 randomness detection standard, and the requirement that the digital physical noise source chip is approved to be effective after all the test items are met.
4) Firmware integrity verification
And reading the firmware stored in the S25FL128, performing SM3 hash calculation, comparing the result with the stored hash value, and if the comparison is consistent, successfully verifying.
5) Cryptographic card data integrity verification
And reading the password card data stored in the SDIN7DP2-4G, performing SM3 hash calculation, comparing the result with the stored hash value, and if the comparison is consistent, successfully verifying.
(3) Password card initialization
The initialization of the password card is a necessary process before the new password card is used, and the device key can be generated through the initialization process of the password card, so that a three-level key management mechanism is established.
The password card initialization can only be completed through a management tool, and 7 intelligent password keys are needed.
The initialization process is as follows:
a) and erasing the data area of the password card, and marking the state of the password card as an initial state.
b) The master control program calls the cryptographic algorithm chip control module to generate two groups of 128-bit key components, and one group of components is stored in the SSX1616 chip.
c) The main control program calls a cryptographic algorithm chip control module to generate a device encryption and signature key pair.
d) Prompting the user to insert the smart key and prompting the user to enter a new user password.
e) Device authentication is performed on the smart key and the default user password is modified using the new user password.
f) The main control program operates the intelligent cipher key to generate a signature cipher key pair and export a public key, and simultaneously stores the other one of the two groups of cipher key components generated in the step b) into the intelligent cipher key.
g) Repeat d) -f)6 times, corresponding to 5 administrator users, 1 audit administrator user and 1 operator user.
h) The main control program carries out XOR operation on the 2 groups of 128-bit keys generated in the step b), the result is used as a protection key, then a cipher algorithm chip control module is called to encrypt the equipment key by using the protection key, the ciphertext is stored in Flash, the cipher card mode is set to be in a ready state, the public key and the serial number of the intelligent cipher key and the cipher card mode are stored in Flash, and the digest value of the data area of the cipher card is recalculated and stored in Flash.
i) The generated device key and the protection key are cleared by 0.
And when the password initialization work is finished, the password card enters a ready state.
(4) Identity authentication
The password card supports an administrator, an audit administrator and a user, and all role logins need to meet the two-factor authentication of passwords and intelligent password keys. After the password is sent to a main control program of the password card through the management tool and the API and the driver, the main control program calls the authority control module to verify the PIN code and the intelligent password key input by the user, check the legal identity of the user, mark the user login after the authentication is passed, and simultaneously read the protection key component from the intelligent password key and recover the protection key.
(5) Cipher card internal user key pair generation process
The generation of the user key pair in the password card can be realized only by passing through a management tool and meeting the management authority.
The process is as follows:
a) and inserting a first administrator intelligent password key and inputting a password.
b) If successful, a) is repeated to ensure that half of the administrator logins are satisfied.
c) And reading a protection key component 1 from the intelligent cipher key, reading a protection key 2 from the SSX1616 chip, and carrying out exclusive-or operation to obtain the protection key.
d) And calling a random number generator operation module to generate 256-bit random numbers as a private key, and calling an SSX1510 operation module to perform kP operation to obtain a public key.
e) And encrypting the private key by using the protection key and then storing the private key in Flash.
f) Clear 0 will protect the key and the user's private key.
(6) Modifying private key access code flow
The modification of the private key access code can be generated only by passing through a management tool and meeting the management authority.
The process is as follows:
a) and inserting a first administrator intelligent password key and inputting a password.
b) If successful, a) is repeated to ensure that half of the administrator logins are satisfied.
c) A user is provided to enter a private key location and a private key access code.
d) And reading a protection key component 1 from the intelligent cipher key, reading a protection key 2 from the SSX1616 chip, and carrying out exclusive-or operation to obtain the protection key.
e) And encrypting the private key access code by using the protection key and then storing the encrypted private key access code in Flash.
f) The key and private key will be protected with access code plaintext 0.
(7) Key encryption and key updating process
The generation of the key encryption key needs to pass through a management tool and meet management authority to generate the key encryption key.
The process is as follows:
a) and inserting a first administrator intelligent password key and inputting a password.
b) If successful, a) is repeated to ensure that half of the administrator logins are satisfied.
c) A user input key is provided to encrypt the key location.
d) And reading a protection key component 1 from the intelligent cipher key, reading a protection key 2 from the SSX1616 chip, and carrying out exclusive-or operation to obtain the protection key.
e) And invoking a random number generator operation module to generate a 128-bit key encryption key.
f) And encrypting the key encryption key by using the protection key and then storing the encrypted key in Flash.
g) The protection key and the key encryption key plaintext 0 are encrypted.
(8) Cipher card key operation process
a) And checking whether the equipment meets the operation authority, and if not, inputting a password by inserting an intelligent password key of the user.
b) And calling the cryptographic algorithm chip control module to operate the cryptographic algorithm chip according to the user request after success.
c) And returning the operated data and the execution result to the user.
(9) SM2 signature flow
a) The main control program checks whether the equipment meets the operation authority, and if the equipment does not meet the requirement, the intelligent password key of the user is inserted, and the password is input.
b) It is checked whether the session has access rights to the corresponding private key.
c) And if the access authority is provided, the private key is decrypted by using the protection key.
d) And (5) the private key and the user data are packaged and then notified to the FPGA state machine.
e) And operating the SSX1510 chip by the FPGA state machine to perform signature operation, and informing the master control program after obtaining the result.
f) The main control program clears the plain text of the private key and returns the result to the user.
(10) Cipher card backup process
The password card backup can be generated only by passing through a management tool and meeting management authority.
a) It is checked whether the administrator authority is satisfied.
b) A 128-bit backup-restore key is generated using a noise source generator.
c) The backup-restore key is split into 5 key components using a secret sharing mechanism.
d) A first administrator smart key is inserted and a key component is written to the smart key.
e) Repeating d) until 5 key components are written to the smart key.
f) And the data information in the password card is encrypted again by using the backup recovery key and then output.
g) And clearing the backup recovery key and each key component, clearing all data of the password card, and setting the password card to be in an initial state.
(11) Password card recovery process
The password card backup needs to pass through a management tool and needs to be restored on the password card in the initial state.
a) And sequentially inserting the intelligent cipher keys with the backup recovery key components, verifying the user password, reading the key components after successful verification, and deleting the key components of the intelligent cipher keys after successful reading.
b) Repeating a) until 3 key components are read into the crypto card.
c) And restoring the backup recovery key in the password card.
d) And decrypting the backed-up cryptographic card data by using the backup recovery key.
e) And writing the data into the storage area of the password card.
f) And clearing the backup recovery key information.
It should be noted that the smart key is an SJK1915 device.
Finally, it should be noted that: the above embodiments are only used to illustrate the present invention and do not limit the technical solutions described in the present invention;
thus, while the present invention has been described in detail with reference to the foregoing embodiments, it will be understood by those skilled in the art that various changes may be made and equivalents may be substituted; all such modifications and variations are intended to be included herein within the scope of this disclosure and the present invention and protected by the following claims.
Claims (2)
1. A high performance cryptographic card, comprising: comprises a hardware platform and a software system; the hardware platform comprises a ZYNQ main processor, a storage unit, a password key unit, a PCIE interface, two digital physical noise sources, a first password algorithm chip, a second password algorithm chip and a third password algorithm chip; the ZYNQ main processor comprises a dual-core ARM processor and an FPGA, the ARM processor and the FPGA are interconnected through a high-speed on-chip bus, and the ARM processor is mainly used for user identity authentication, key management, password operation and file management; the FPGA is used for assisting the ARM processor to operate each cryptographic algorithm chip so as to effectively reduce the load of the ARM processor and improve the parallel operation capability of the cryptographic algorithm chips; the password key unit is electrically connected with the ARM processor through a USB interface and is used for identifying identity authentication and managing keys; the PCIE interface is electrically connected with the FPGA, and the password card is connected with external server equipment through the PCIE interface; the two digital physical noise sources are electrically connected with the FPGA and used for generating a secret key, an initial vector and a random number, and the random number is obtained by XOR of results generated by the two digital physical noise sources; the storage unit comprises DDR, SPI Flash and eMMC; the DDR is electrically connected with the ARM processor and used as an operating environment of the OS; the SPI Flash is electrically connected with the ARM processor and used for storing programs; the eMMC is electrically connected with the ARM processor and used for storing a secret key; the first cryptographic algorithm chip is electrically connected with the FPGA and is used for realizing SM2, SM3 and SM4 cryptographic algorithms; the second cryptographic algorithm chip is electrically connected with the FPGA and is used for realizing an SM1 cryptographic algorithm; the third cryptographic algorithm chip is electrically connected with the ARM processor through the UART and used for safely storing the secret key;
the software system comprises a Linux system and a main control program, the Linux system runs in one core of the ARM processor, the main control program runs in the other core of the ARM processor, and the main control program comprises an initialization module and a password card initialization module, wherein the initialization module is used for initializing the ARM processor, initializing a Field Programmable Gate Array (FPGA) on a PL side, identifying the integrity of firmware and password card data, verifying whether each password algorithm chip works normally or not, and realizing the password card initialization function; the key management module is used for realizing three-level key system management and backup recovery management; the authority control module is used for realizing identity authentication, realizing management authority, separating operation authority from audit authority and ensuring the use safety of the password card; the cryptographic algorithm chip control module is used for realizing access control of each cryptographic algorithm chip; the file management module is used for realizing file management on the password card; a backup recovery module for realizing a backup recovery mechanism of the cipher card, wherein one pin of the third cipher algorithm chip is externally connected with a key destroying button, the other pins are pressed by a protective cover of the cipher card, when an external force forcibly destroys the protective cover, the key in the third cipher algorithm chip can be destroyed in time,
after the password card is electrified and started, an ARM processor firstly reads FSBL stored in SPI Flash into a ZYNQ main processor RAM and executes the FSBL, the FSBL initializes the ARM processor and the FPGA, after initialization is completed, the FSBL reads a system and a main control program of the SPI Flash to a DDR and executes the system and the main control program, the main control program carries out self-check on each password algorithm chip and a noise source generator, after the self-check is successful, abstract calculation is carried out on the FSBL stored in the SPI Flash and compared with a stored abstract value, after the comparison is successful, abstract calculation is carried out on password card data information stored in the eMMC and compared with the stored abstract value, after the comparison is successful, initialization is completed, and application request service is waited; after a user calls a request through the API interface, the API interface packages the format of the user request and gives the user request to a driver, the driver starts a DMA request, after the ZYNQ main processor receives the DMA request, the DMA state machine of the FPGA carries data to an RAM of the FPGA of the password card and informs an ARM processor of the ZYNQ main processor, and after the main control program receives the DMA request, the main control program firstly analyzes a message and transfers the message to a corresponding processing module, and the method specifically comprises the following steps:
1) random number processing module
Calling an FPGA state machine of a ZYNQ main processor by a main control program, simultaneously reading two WNG-9 noise source generators on the password card by the FPGA state machine, carrying out XOR processing, and informing the main control program of the ARM after the processing is finished;
2) SM1 processing module
The main control program firstly decrypts the private key or the key encryption key of the user key pair by using the protection key, decrypts the session key by using the private key or the key encryption key of the user key pair, then transfers the data required by the chip to the FPGA state machine of the main control chip, the FPGA state machine operates the control signal of the second cryptographic algorithm chip to complete the encryption and decryption operation, and after the processing is completed, the main control program of the ARM processor is informed, and after the main control program receives the notice, the clear 0 operation is carried out on the used plaintext key;
3) SM2 processing module
The main control program firstly judges whether the private key needs to be used or not, if the private key needs to be used, whether a user obtains the use right of the private key or not is judged, if the use right of the private key is obtained, the user key pair private key is decrypted by using a protection key, then data required by a first cryptographic algorithm chip is delivered to an FPGA (field programmable gate array) state machine of the main control chip, the FPGA state machine operates a control signal of the first cryptographic algorithm chip to complete a processing request, the main control program of an ARM processor is informed after the processing is completed, and after the main control program receives the notice, clear 0 operation is carried out on the used plaintext private key, the data after encryption and decryption is moved to a host by using a DMA (direct memory access), and the data are returned; if the private key is not needed, the processing module transfers the data required by the first cryptographic algorithm chip to an FPGA state machine of the main control chip, the FPGA state machine operates the control signal of the first cryptographic algorithm chip to complete the processing request, and the main control program of the ARM processor is informed after the processing is completed;
4) SM3 processing module
The main control program calls an FPGA state machine operation of the ZYNQ main processor, the FPGA state machine operates a first cryptographic algorithm chip, and the main control program of the ARM processor is informed after the processing is finished;
5) SM4 processing module
The SM4 processing module is similar to the SM1 processing module, firstly, a user key pair private key or a key encryption key is decrypted by using a protection key, a session key is decrypted by using the user key pair private key or the key encryption key, then data required by a chip is delivered to an FPGA (field programmable gate array) state machine of a ZYNQ main processor, the FPGA state machine operates a control signal of a first cryptographic algorithm chip to finish encryption and decryption operations, a main control program of an ARM processor is notified after the processing is finished, and the main control program performs clear 0 operation on a used plaintext key after receiving the notification;
after the processing of each processing module is finished, the result and the processed data are carried to a host memory through DMA by using DMA, and an interrupt is sent; the driver correspondingly interrupts to transport the data from the kernel layer to the user layer, and finally returns the result and the data to the user through the API interface;
the work flow of the high-performance password card is as follows:
(1) starting up
The ZYNQ main processor is divided into a PL side and a PS side, the PL side is mainly an FPGA, the PS side is a dual-core ARM processor, after the password card is powered on or reset for the first time, FSBL stored in the SPI Flash can be loaded to an internal RAM (random access memory) by the PS side of the ZYNQ main processor for execution, the FSBL can initialize each peripheral of the ARM processor, after initialization is completed, the FSBL can read the PL stored in the SPI Flash to run on the PL side, finally, a system stored in the SPI Flash can be read to run in the DDR and jump to start, and a main control program can run automatically after the system is started;
(2) self-test
After the starting process is finished, the main control program can carry out self-checking on the integrality of all the cryptographic algorithm chips, the starting firmware and the integrality of the cryptographic card data, after all the self-checking are successful, the cryptographic card mark is successfully detected and can respond to the request of a user, and if any self-checking is failed, the cryptographic card mark is failed to be detected and the user request is not executed;
1) first cryptographic algorithm chip self-checking
Self-checking the first cryptographic algorithm chip by using preset data to test the correctness of the cryptographic algorithm;
2) second cryptographic algorithm chip self-test
Self-checking the second cryptographic algorithm chip by using preset data to test the correctness of the SM1 cryptographic algorithm;
3) two-piece digital physical noise source self-check
The FPGA sends results generated by two pieces of digital physical noise sources to an ARM processor after XOR, the results are used as random numbers, the randomness of the random numbers is tested, so that the normal functions of a random source chip are ensured, the test contents comprise single-bit frequency detection, frequency detection in a block, poker detection, overlapping subsequence detection, total run number detection, run distribution detection, maximum '1' run detection in the block, binary derivation detection, autocorrelation detection, matrix rank detection, accumulation and detection, approximate entropy detection, linear complexity detection, Marurer general statistical detection and discrete Fourier detection, and the requirement that the digital physical noise sources are approved to be effective behind all test items is met;
4) firmware integrity verification
Reading firmware stored in the eMMC, performing SM3 hash calculation, comparing the result with the stored hash value, and checking successfully if the comparison is consistent;
5) cryptographic card data integrity verification
Reading the password card data stored in the eMMC, carrying out SM3 hash calculation, comparing the result with the stored hash value, and if the comparison is consistent, successfully verifying;
(3) password card initialization
The initialization of the password card can only be completed through a management tool, and simultaneously, 7 intelligent password keys are needed, and the initialization process is as follows:
erasing the data area of the password card, and marking the state of the password card as an initial state;
the main control program calls a cryptographic algorithm chip control module to generate two groups of 128-bit key components, and one group of components is stored in a third cryptographic algorithm chip;
the main control program calls a cryptographic algorithm chip control module to generate an equipment encryption and signature key pair;
prompting a user to insert an intelligent password key and prompting the user to input a new user password;
performing equipment authentication on the intelligent password key and modifying a default user password by using a new user password;
the master control program operates the intelligent cipher key to generate a signature key pair and export a public key, and simultaneously stores the other group of the two groups of key components generated in the step b) into the intelligent cipher key;
repeating d) -f) for 6 times, corresponding to 5 administrator users, 1 audit administrator user and 1 operator user;
the main control program carries out XOR operation on the 2 groups of 128-bit keys generated in the step b), the result is used as a protection key, then a cipher algorithm chip control module is called to encrypt the equipment key by using the protection key, the ciphertext is stored in Flash, the cipher card mode is set to be in a ready state, the public key and the serial number of the intelligent cipher key and the cipher card mode are stored in Flash, and the digest value of the data area of the cipher card is recalculated and stored in Flash;
for the generated device key and protection key list 0;
when the password initialization work is finished, the password card enters a ready state;
(4) identity authentication
The password card supports an administrator, an audit administrator and a user, and all role logins need to meet the two-factor authentication of passwords and intelligent password keys; after the password is sent to a main control program of the password card through the management tool via the API and the driver, the main control program calls the authority control module to verify the PIN code and the intelligent password key input by the user, check the legal identity of the user, mark the user login after the authentication is passed, and simultaneously read the protection key component from the intelligent password key and recover the protection key;
(5) cryptographic card internal user key pair generation
The generation of the user key pair in the password card can be realized only by passing through a management tool and meeting the management authority, and the process is as follows:
inserting a first administrator intelligent password key and inputting a password;
if the login is successful, a) is repeatedly executed, and half of administrators are ensured to log in;
reading a protection key component 1 from the intelligent cipher key, reading a protection key 2 from a third cipher algorithm chip, and carrying out XOR operation to obtain a protection key;
calling a random number generator operation module to generate 256-bit random numbers as a private key, and calling a first cryptographic algorithm chip operation module to perform kP operation to obtain a public key;
encrypting the private key by using a protection key and then storing the private key in Flash;
clear the protection key and the plaintext of the private key of the user to 0;
(6) modifying private key access codes
The private key access code can be generated only by modifying the private key access code through a management tool and meeting the management authority, and the process is as follows:
inserting a first administrator intelligent password key and inputting a password;
if the login is successful, a) is repeatedly executed, and half of administrators are ensured to log in;
providing a user input private key position and a private key access code;
reading a protection key component 1 from the intelligent cipher key, reading a protection key 2 from a third cipher algorithm chip, and carrying out XOR operation to obtain a protection key;
encrypting the private key access code by using a protection key and then storing the encrypted private key access code in Flash;
clear text 0 of the protection key and the private key access code;
(7) key encryption key update
The key encryption key generation can be performed only by passing through a management tool and meeting management authority, and the process is as follows:
inserting a first administrator intelligent password key and inputting a password;
if the login is successful, a) is repeatedly executed, and half of administrators are ensured to log in;
providing a user input key encryption key location;
reading a protection key component 1 from the intelligent cipher key, reading a protection key 2 from a third cipher algorithm chip, and carrying out XOR operation to obtain a protection key;
calling a random number generator operation module to generate a 128-bit key encryption key;
encrypting the key encryption key by using the protection key and then storing the encrypted key in Flash;
encrypting the protection key and the key by the key plaintext 0;
(8) cryptographic card key operation
Checking whether the equipment meets the operation authority, and if not, inputting a password by inserting an intelligent password key of a user;
after the password algorithm chip is successfully operated, the password algorithm chip control module is called to operate the password algorithm chip according to the user request;
returning the calculated data and the execution result to the user;
(9) SM2 signature
The main control program checks whether the equipment meets the operation authority, and if the equipment does not meet the requirement of inserting an intelligent password key of a user, a password is input;
checking whether the session has the access right of the corresponding private key;
if the access authority is possessed, the private key is decrypted by using the protection key;
the private key and the user data are packaged and then notified to the FPGA state machine;
the FPGA state machine operates the first cryptographic algorithm chip to perform signature operation, and notifies a main control program after a result is obtained;
the main control program clears the plain text of the private key and returns the result to the user;
(10) password card backup
The password card backup can be generated only by passing through a management tool and meeting the management authority;
checking whether the administrator authority is satisfied;
generating a 128-bit backup recovery key using a noise source generator;
dividing the backup recovery key into 5 key components by using a secret sharing mechanism;
inserting a first administrator smart key and writing a key component into the smart key;
repeating d) until 5 key components are written into the intelligent cipher key;
the data information in the password card is encrypted again by using the backup recovery key and then output;
clearing the backup recovery key and each key component, clearing all data of the password card, and setting the password card to be in an initial state;
(11) password card recovery
The password card backup needs to pass through a management tool and needs to be recovered on the password card in the initial state;
sequentially inserting the intelligent cipher keys with the backup recovery cipher key components, verifying the user password, reading the cipher key components after successful verification, and deleting the cipher key components of the intelligent cipher keys after successful reading;
repeating a) until 3 key components are read into the crypto card;
restoring the backup recovery key in the password card;
decrypting the backed-up cryptographic card data using the backup recovery key;
writing data into a storage area of the password card;
and clearing the backup recovery key information.
2. The high-performance cryptographic card of claim 1, wherein: the cipher card is in communication connection with the host through the PCIE interface, the host comprises an API (application programming interface) and a driver, when the cipher card is actually applied, an application layer calls the API to obtain various cipher services, the API encapsulates data according to a service request of the application layer in a format, the encapsulated data is transmitted to the cipher card through the driver, the cipher card processes the data through a corresponding module of the calling master control program, and the driver obtains a result transmitted back by the cipher card and returns the result to the application layer.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911017354.6A CN110765438B (en) | 2019-10-24 | 2019-10-24 | High-performance password card and working method thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201911017354.6A CN110765438B (en) | 2019-10-24 | 2019-10-24 | High-performance password card and working method thereof |
Publications (2)
| Publication Number | Publication Date |
|---|---|
| CN110765438A CN110765438A (en) | 2020-02-07 |
| CN110765438B true CN110765438B (en) | 2021-01-01 |
Family
ID=69333381
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201911017354.6A Active CN110765438B (en) | 2019-10-24 | 2019-10-24 | High-performance password card and working method thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN110765438B (en) |
Families Citing this family (18)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN111352862A (en) * | 2020-03-05 | 2020-06-30 | 中安云科科技发展(山东)有限公司 | Key destroying method, system, password card and password machine |
| CN111371550A (en) * | 2020-03-11 | 2020-07-03 | 北京红亚华宇科技有限公司 | Data security code box, experiment method and system |
| CN111478895A (en) * | 2020-04-03 | 2020-07-31 | 乾讯信息技术(无锡)有限公司 | Network multimedia secure transmission method and system |
| CN111580956B (en) * | 2020-04-13 | 2024-05-14 | 三未信安科技股份有限公司 | Cipher card, key space configuration method and key use method thereof |
| CN111835510A (en) * | 2020-05-28 | 2020-10-27 | 无锡航天江南数据系统科技有限公司 | ETC safety management method |
| CN111917710B (en) * | 2020-06-12 | 2022-06-24 | 北京智芯微电子科技有限公司 | PCI-E cipher card, its key protection method and computer readable storage medium |
| CN111782037A (en) * | 2020-06-23 | 2020-10-16 | 江苏微桔智能科技有限公司 | Millimeter wave-based space gesture password input acquisition method |
| CN111541725B (en) * | 2020-07-08 | 2021-04-27 | 支付宝(杭州)信息技术有限公司 | Block chain all-in-one machine, password acceleration card thereof, and key management method and device |
| CN112035900B (en) * | 2020-08-21 | 2022-03-15 | 郑州信大捷安信息技术股份有限公司 | High-performance password card and communication method thereof |
| CN112035152B (en) * | 2020-08-24 | 2023-10-10 | 成都三零嘉微电子有限公司 | Secure processing system and method for upgrading firmware of SoC chip |
| CN112260839B (en) * | 2020-10-20 | 2022-11-22 | 河北素数信息安全有限公司 | Micro transmission encryption device based on embedded technology and starting method thereof |
| CN112257119B (en) * | 2020-10-20 | 2022-10-28 | 河北素数信息安全有限公司 | Identity authentication method and protection method for ensuring security of encryption device |
| CN112532381A (en) * | 2020-11-16 | 2021-03-19 | 航天信息股份有限公司 | Data processing method based on password card, electronic equipment and storage medium |
| CN112688787B (en) * | 2021-03-22 | 2021-06-08 | 广州智慧城市发展研究院 | Authentication platform and method based on Mifare card |
| CN113076532B (en) * | 2021-03-25 | 2024-04-12 | 三未信安科技股份有限公司 | PCI cipher card for self-diagnosis |
| CN114448627A (en) * | 2022-02-21 | 2022-05-06 | 广州鼎甲计算机科技有限公司 | Encryption card and encryption method thereof |
| CN115544583B (en) * | 2022-10-08 | 2023-05-05 | 江南信安(北京)科技有限公司 | Data processing method and device of server cipher machine |
| CN117714031B (en) * | 2024-01-11 | 2024-06-04 | 无锡路通视信网络股份有限公司 | High-speed data encryption communication method |
Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105357005A (en) * | 2015-11-16 | 2016-02-24 | 国网智能电网研究院 | Electric power trusted computing cryptographic module for PCI/PCI-E interface |
| CN106022080A (en) * | 2016-06-30 | 2016-10-12 | 北京三未信安科技发展有限公司 | Cipher card based on PCIe (peripheral component interface express) interface and data encryption method of cipher card |
| CN106022169A (en) * | 2016-06-30 | 2016-10-12 | 北京三未信安科技发展有限公司 | Encryption protection method based on ZYNQ small-size cipher machine and device for realizing method |
| CN207690086U (en) * | 2017-08-01 | 2018-08-03 | 北京迪曼森科技有限公司 | A kind of multithreading PCIe cipher cards |
| CN109145568A (en) * | 2018-08-21 | 2019-01-04 | 西安得安信息技术有限公司 | A kind of full algorithm cipher card and its encryption method based on PCI-E interface |
| US10461940B2 (en) * | 2017-03-10 | 2019-10-29 | Fmr Llc | Secure firmware transaction signing platform apparatuses, methods and systems |
Family Cites Families (5)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| MX9602773A (en) * | 1994-01-13 | 1997-05-31 | Bankers Trust Co | Cryptographic system and method with key escrow feature. |
| US10708236B2 (en) * | 2015-10-26 | 2020-07-07 | Secturion Systems, Inc. | Multi-independent level secure (MILS) storage encryption |
| CN106953732B (en) * | 2017-03-10 | 2020-02-07 | 南方城墙信息安全科技有限公司 | Key management system and method for chip card |
| US11057194B2 (en) * | 2017-07-03 | 2021-07-06 | Stmicroelectronics S.R.L. | Processing system, related integrated circuit, device and method |
| CN108880810B (en) * | 2018-09-07 | 2024-02-27 | 江苏云涌电子科技股份有限公司 | Key destroying circuit structure |
-
2019
- 2019-10-24 CN CN201911017354.6A patent/CN110765438B/en active Active
Patent Citations (6)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN105357005A (en) * | 2015-11-16 | 2016-02-24 | 国网智能电网研究院 | Electric power trusted computing cryptographic module for PCI/PCI-E interface |
| CN106022080A (en) * | 2016-06-30 | 2016-10-12 | 北京三未信安科技发展有限公司 | Cipher card based on PCIe (peripheral component interface express) interface and data encryption method of cipher card |
| CN106022169A (en) * | 2016-06-30 | 2016-10-12 | 北京三未信安科技发展有限公司 | Encryption protection method based on ZYNQ small-size cipher machine and device for realizing method |
| US10461940B2 (en) * | 2017-03-10 | 2019-10-29 | Fmr Llc | Secure firmware transaction signing platform apparatuses, methods and systems |
| CN207690086U (en) * | 2017-08-01 | 2018-08-03 | 北京迪曼森科技有限公司 | A kind of multithreading PCIe cipher cards |
| CN109145568A (en) * | 2018-08-21 | 2019-01-04 | 西安得安信息技术有限公司 | A kind of full algorithm cipher card and its encryption method based on PCI-E interface |
Also Published As
| Publication number | Publication date |
|---|---|
| CN110765438A (en) | 2020-02-07 |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| CN110765438B (en) | High-performance password card and working method thereof | |
| US10341091B2 (en) | Secure memory storage | |
| CN101430747B (en) | Movable equipment based on credible embedded platform and its security storage method | |
| EP2506488B1 (en) | Secure dynamic on-chip key programming | |
| US9792427B2 (en) | Trusted execution within a distributed computing system | |
| EP1695169B1 (en) | Method and apparatus for incremental code signing | |
| KR100996784B1 (en) | Saving and retrieving data based on public key encryption | |
| RU2740298C2 (en) | Protection of usage of key store content | |
| CN112491843B (en) | Database multiple authentication method, system, terminal and storage medium | |
| CN101176100A (en) | Methods and apparatus for generating endorsement credentials for software-based security coprocessors | |
| CN113420309B (en) | Lightweight data protection system based on state cryptographic algorithm | |
| CN111435396A (en) | Intelligent safety master control | |
| US20220286272A1 (en) | Method and apparatus for neural network model encryption and decryption | |
| CN114221762A (en) | Private key storage method, private key reading method, private key management device, private key management equipment and private key storage medium | |
| CN117708794A (en) | Equipment authorization method and equipment authorization device | |
| CN106682470A (en) | Fingerprint recognition system based on encrypted fingerprint information, terminal device and method | |
| CN116881936A (en) | Trusted computing method and related equipment | |
| CN104376277B (en) | Arithmetic unit, method and system | |
| CN116170157A (en) | User password encryption and decryption method and device based on national encryption algorithm | |
| CN113542303B (en) | Software importing system and method for secret key in non-trusted environment | |
| JP2902087B2 (en) | Electronic signature method using IC card | |
| CN113141329B (en) | Big data mining method, device, equipment and storage medium | |
| CN114866228A (en) | Method, system, storage medium and terminal for realizing soft password module | |
| Cabiddu et al. | The trusted platform agent | |
| Chang et al. | Hardware-assisted security mechanism: The acceleration of cryptographic operations with low hardware cost |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| PB01 | Publication | ||
| PB01 | Publication | ||
| SE01 | Entry into force of request for substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| GR01 | Patent grant | ||
| GR01 | Patent grant |